尝试在 Bind 9.11.4、Amazon Linux 2 上实现主/次(主/从)复制。Bind 9.8 也失败了。有 4 个视图。对于跨多个视图并在不同视图中使用不同区域文件的区域,复制会将其看到的第一个区域文件的内容放入所有视图的文件中。我看到了关于使用密钥来解决这个问题的模糊线索,但没有示例,没有语法。到目前为止,对密钥和语法的实验只是没有产生复制,也没有明显有用的错误消息。
基本的:
view officeview {
zone example.com {
file "named.example_office"; //<-- unique content
};
};
view cloudview {
zone example.com {
file "named.example_cloud"; //<-- unique content
};
};
// and 2 more views, each with unique content.
次要的:
view officeview {
zone example.com {
file "named.example_office"; //<-- primary officeview example.com content
};
};
view cloudview {
zone example.com {
file "named.example_cloud"; //<-- primary officeview example.com content
};
};
// and 2 more views slammed with primary officeview example.com content...
答案1
经过仔细阅读https://kb.isc.org/docs/aa-00851和https://downloads.isc.org/isc/bind9/9.11.4rc1/doc/arm/Bv9ARM.ch06.html几十次之后,这似乎到目前为止是有效的:
基本的:
view officeview {
match-clients { key officeviewkey; officeiprange; };
zone example.com {
file "named.example_office";
allow-transfer { key officeviewkey; slaveip };
also-notify { slaveip key officeviewkey; };
};
};
view cloudview {
match-clients { key cloudviewkey; cloudiprange; };
zone example.com {
file "named.example_datacenter";
allow-transfer { key cloudviewkey; slaveip };
also-notify { slaveip key cloudviewkey; };
};
};
次要的:
view officeview {
match-clients { key officeviewkey; officeiprange; };
zone example.com {
file "named.example_office";
};
};
view cloudview {
match-clients { key cloudviewkey; cloudiprange; };
zone example.com {
file "named.example_datacenter";
};
};
请理解,为了(希望)清晰起见,一些重要内容被省略了。